Financial firms are now facing new and exacerbated risks such as bias, governance, accountability and data protection across the artificial intelligence (AI) lifecycle, as well as regulatory risk and strategic risk, said Deloitte on Wednesday.

The consulting firm said in a statement that with significant breakthroughs in the development of AI technology in the past twelve months, such as the popularization of Generative AI (GenAI) technologies through tools such as OpenAI’s Chat GPT and Google’s Bard AI, common risks addressed by Asia Pacific regulators in their principles of AI regulation have evolved rapidly.

While transparency, accountability, fairness, robustness, privacy and data security are still considerations, Deloitte said concerns with potential biases and intellectual property now require regulators to balance the interest of technological innovation with ensuring the safety of consumers.

According to Deloitte, financial service firms should prepare for GenAI regulation, which is looming on the horizon.

It said financial service firms that have adopted or are considering adopting AI applications should start developing an AI governance framework to support better risk management, as well as for future regulatory compliance in this space.

It said the firms should be accountable and responsible for the outputs that GenAI applications produce.

Deloitte also said financial service firms should evaluate factors contributing to the vulnerability of customers such as educational background, income, or age and ensure that the adoption of generative applications does not result in bias or discrimination against vulnerable customers as an intended or unintended result of adopting GenAI applications.

It said these firms should identify the parties involved in collecting, storing and processing customers’ personal data and ensure the compliance of data protection requirements by the corresponding parties or functions.

As copyright protection for input and output of GenAI remains unclear, it said financial service firms should assume that any data or queries entered into GenAI applications may become public.

It said the recommendation is for the establishment of controls to prevent inadvertent exposure of intellectual property or breaches of copyright.

Meanwhile, financial service firms adopting or planning to adopt GenAI applications should invest in talent acquisition and provide training on AI technologies to existing staff, including the board and senior management, to enhance their understanding of key risks and their responsibility in mitigating those risks, said Deloitte.

“Although AI regulation and legislation is still in the initial stages of development or implementation in most jurisdictions, it is crucial for financial services firms to take a measured approach by establishing their own AI governance framework as early as possible and by taking action to understand, identify and manage AI related risks,

“It’s essential for the private sector to engage in active dialogues with regulators and legislators to share industry knowledge and experience to help facilitate the rule-making process and drive a consensus on the future pathway of AI,” said Akihiro Matsuyama, Risk Advisory Leader at Deloitte Asia Pacific.

Wong Nai Seng, Regulatory Strategy Leader at Deloitte Southeast Asia, added that AI technologies such as GenAI offer significant potential to increase efficiency and digitalization within the financial services sector.

“However, the risks associated with the use of such technologies should remain top of mind,

“As the regulatory landscape surrounding AI technologies continues to evolve, both globally and within Southeast Asia, it would be prudent for financial services firms considering the adoption of AI technologies to consider how AI related risks fit within their existing risk appetite and their overall risk management framework,” he added.

The report released by Deloitte’s Asia Pacific Centre for Regulatory Strategy (ACRS), ‘Generative AI: Application and Regulation in Asia Pacific’ explores the risks associated with the use of Generative AI in the financial services sector, the current regulatory landscape in Asia Pacific and also provides guidance for financial service firms in preparing for upcoming legislation and regulation in this rapidly evolving area.

ACRS interviewed 12 Deloitte experts, both technology and regulatory specialists, across Asia Pacific (AP), to understand how, as GenAI technology advances, policymakers, and regulators are re-evaluating existing AI frameworks to mitigate new technological risks brought about by GenAI and ensure they remain fit-for-purpose across financial services.

Deloitte: Southeast Asia raises about $5.5 billion year to date, the lowest in eight years